[Coco] Telnet to your CoCo.. and invite 6 of your friends
Willard Goosey
goosey at virgo.sdc.org
Mon Nov 30 17:04:12 EST 2009
On Mon, Nov 30, 2009 at 04:24:08PM +0000, farna at att.net wrote:
> I'm not very OS-9 literate. I'm assuming F$SETID is built into the
> kernel and not easily disabled?
Yep, it's in there somewhere. Probably in OS9P2. AFAIK there's no
mechanism in the OS to disable system calls.
>Would it be hard to write a routine that would intercept such a call
>and disable it, or disable it in some other way?
Probably the easiest way is to grab the NitrOS-9 source and replace
F$SETID with a stub that always fails. Or expand the system call a
little by making it check the current user number, and only allow user
0 to succeed.
I'm not deep enough into OS-9 kernel hacking to know what would happen
if there were multiple modules trying to provide the same system call.
That might or might not be handled gracefully.
>I would think that for a server there is no real
> need to switch user IDs.
Security systems start getting complicated really quickly...
Willard
--
Willard Goosey goosey at sdc.org
Socorro, New Mexico, USA
I search my heart and find Cimmeria, land of Darkness and the Night.
-- R.E. Howard
More information about the Coco
mailing list